It’s not every day that we get to spend time with our colleagues from across the pond. So, when the opportunity presented itself to exhibit at the Cisco Live World of Solutions this year in London, we jumped at it. Not only would we get to interact with customers and prospects in a more international setting, but we would be able to see what other vendors are accomplishing with Cisco inspired technologies, like NetFlow.
While we pride ourselves on providing best in NetFlow solutions and being on the cutting edge of flow-based traffic monitoring, there is no doubt that every Cisco Live event provides its own eye opening and informative experience. So, needless to say, the decision to exhibit at the show was practically made for us.
I was working with a customer last week who only wanted TCP, UDP, HOPOPT and ICMP on the network. In addition to that they wanted to be alarmed if any other transport protocol passed through their Cisco ASA . I introduced them to the Top Network Transports gadget in Flow Analytics.
Sitting down this morning with a much needed cup of coffee I was alerted to this startling post from a cNet news feed.
“Thursday is the deadline for colleges and universities that receive Title IV federal aid to have implemented antipiracy procedures on their campuses as part of the Higher Education Opportunity Act (HEOA) of 2008.” – cnet
I was speechless, which for me is quite an astounding feat. So many thoughts ran around in my head but in the end only one thing came out of my mouth, “theres an app for that!”. Scrutinizer and NetFlow can easily help schools monitor for this type of traffic. Heck! It was one of the things Scrutinizer was built for. Understanding how users consume your networks bandwidth is important in todays world. Laws like this make monitoring your traffic a requirement. Matter of fact, it can be quite costly if you don’t.
As I mentioned Scrutinizer is well suited to assist in this task. NetFlow gives you the flexibility to monitor all of your network traffic from one central location. Scrutinizer allows you to filter your data into meaningful, easy to swallow reports that tell you who was doing what, where and when. It doesn’t stop there.
Scrutinizers filtering engine allows you to customize how you view your data . Scrutinizer then gives you the ability to add a threshold to that report . Now you have a customized monitoring tool. I created a quick video that explain . . . .
But that report only looks for high bandwidth consumption, file sharing traffic can be small and and almost undetectable. In applications that don’t store all of the NetFlow traffic this is true. Scrutinizer stores all of your NetFlow data which gives our Flow Analytics engine the ability to monitor all of your network traffic and alert you on suspicious traffic patterns. You guessed it, one of the monitoring algorithms is P2P. How fitting! . Flow Analytics also allows you to easily identify Top Applications, Conversations, Flows, Protocols, Domains, Countries, Subnets, etc. across dozens of routers and switches.
Do you have NetFlowV9 and NBAR? We are one of the only vendors that support this technology completely. NBAR stands for ”Network Based Application Recognition” and is the mechanism used by some Cisco routers and switches to recognize a dataflow by inspecting some packets sent. With NBAR you are going to be able to get a definitive answer on what applications are being used on your network. Scrutinizer supports it, reports on it and most importantly alerts on it!
I’ve shown you a few of the ways Scrutinizer can help you meet the needs of this new law. There are quite a few other important features so make sure to download a copy of Scrutinizer and kick the tires for 30 days.
Jimmy D the Netflow Detective
For a free 30 day trial of Scrutinizer, Download Now!
Jim Martin from ExpertReview.com wrote a blog that points out some of the scary statistics about corporate employees and network usage during the games.
“The survey of 2,000 workers also found that most people had given no thought to the possible consequences on their own workplace.” The article then goes on to say, “IT networks. More than half those polled did not know whether their organization had any restrictions or guidelines in place to stop them accessing sites to watch the tournament.”
Thanks to Jimmy D, our renowned International Sales Channel Manager, we have a proven solution for monitoring NetFlow traffic for home users.
A situation arose for Jim where his wife and daughter would be in Florida caring for his parents while he was still here in Maine. The geek that he is, he didn’t want distance to keep them apart.
So he decided to provide voice, video, and network monitoring while they were in Florida. To achieve this, he decided to set up a small embedded server rack in his parents’ Florida home. This would allow for VoIP, Video, network traffic monitoring, and a web server.
If you are running Scrutinizer v7.01, the Cisco ASA interfaces don’t show up in the Status tab yet. It was a philosophical decision. Here’s why:
The ASA running v8.2.1 exports bidirectional NetFlow! This is unlike anything else we’ve seen. In nearly all NetFlow exports v5, v9, IPFIX etc. flows are exported in one direction (i.e. A -> B and then a separate flow for B -> A). This is true for ingress or egress NetFlow. For Example: lets say A -> B creates a flow of 200KB. Then in return: B -> A causes a 2nd flow of 40KB. Well, the developers of the ASA decided to be unique and add the two flows together and export A -> B 240KB!!!! The two added to each other is called a bidirectional flow.
Because of this, when we calculate the percent utilization using NetFlow (i.e. not SNMP) by adding the total flows together we overstate InBound/OutBound utilization in the Status tab. We are talking with Cisco about this unconventional export method. We have no definitive news yet.
NOTE: The ASA also doesn’t support an Active Timeout causing huge spikes in the graphs and thus making network traffic analysis kind of tricky when traffic that occurred over several minutes shows up in a single minute!
If you are seeing some screwy results with ASA and NSEL, the above is why. Anyway, everyone can blame Mike for not sticking the data in the Status tab!
I was working with a call center that had a problem with high bandwidth usage and he wanted to know if Scrutinizer NetFlow & sFlow Analyzer would be able to help him out. They were seeing a lot of Facebook traffic on their network and wanted to be able to see if it was coming from the call center.
I let him know that with Scrutinizer, he could add a filter to show him all of the Facebook traffic on his network and limit it to the traffic from a certain IP range. He could also add a filter that would monitor his NetFlow data and alert if a certain amount of Facebook traffic originated from that IP range. Read more »
Jimmy D the Netflow Detective
For a free 30 day trial of Scrutinizer, Download Now!
It was a warm day here at the office – warmer then most. I was getting up to get a drink of water when she walked in. She was a beautiful dame, but in my world they are all beautiful. This one was different. She had a mission. She needed something.
I just saw a tweet asking how NetFlow is handled on the ASA. Since Scrutinizer handles the flow from the ASA, I though I would post the information I have from Cisco explaining how NetFlow is handled in the ASA.
** UPDATE: The Keurig My K-Cupis is still awesome and one of the best alternatives for the greener coffee lover. I just saw a life hacker post that talks about a simple modification that can make stronger (even better) coffee from your Keurig! **
I don’t know why but I got it in my head to reuse the Kcups in our office coffee machine. Don’t get me wrong the Keurig, single cup coffee maker is awesome. I have one at home, but I could never get over throwing the little cups away. Seemed a waste.
At home, I have the reusable containers. This eliminates the need to use the prepackaged Kcups. After a quick Google search I found these little plastic lids that cover the Kcup, allowing you to reuse it. I figured that I could replicate that here in the office.
The World Cup kicks off in two days
